Yandex says "Your computer may be infected" - why and what to do?

Some users, when opening Yandex, may see the message "Your computer may be infected" in the corner of the page, with the explanation "A virus or malware is interfering with your browser and changing the content of the pages." Some novice users are confused by this message and have questions like "Why does the message appear only in one browser, such as Google Chrome?", "What should I do and how do I fix the computer?" and the like.

This tutorial details why Yandex reports that your computer is infected, what can cause it, what action you should take, and how to fix the situation.

Why Yandex thinks your computer is in danger

Many malicious and potentially unwanted programs and browser extensions tamper with the content of the pages you open: they substitute their own, not always useful, ads, inject miners, change search results, and otherwise affect what you see on websites. Visually, you can't always notice it.

For its part, Yandex checks whether this kind of content substitution is happening on its website and, if it is, reports it with the red "Your computer may be infected" window, offering to fix it. If after clicking the "Fix your computer" button, you are taken to - the notification is actually from Yandex, and not an attempt to mislead you. And if simply refreshing the page does not make the message disappear, I recommend that you take it seriously.

Don't be surprised if the message appears in some browsers and not in others: this type of malware usually targets specific browsers, so a malicious extension may be present in Google Chrome but absent in Mozilla Firefox, Opera or Yandex Browser.

How to fix the problem and remove the "Your computer may be infected" window from Yandex

Clicking the "Fix my computer" button takes you to a special section of the Yandex website dedicated to describing the problem and how to fix it, consisting of 4 tabs:

  1. What to do - suggests various utilities to fix the problem automatically. However, I do not entirely agree with the choice of utilities, as explained below.
  2. Fix it yourself - information on what exactly to check.
  3. Details - symptoms of a browser malware infection.
  4. How not to get infected - tips for the novice user on what to keep in mind to avoid the problem in the future.

The tips are generally correct, but I will take the liberty of slightly modifying the steps suggested by Yandex and recommend a slightly different course of action:

  1. Perform a cleanup using the free AdwCleaner malware removal tool instead of the "conditionally free" tools offered (except for the Yandex Rescue Tool, which, however, does not do a very deep scan). In AdwCleaner, I recommend that you enable hosts file restore in the settings. There are also other effective malware removal tools. In terms of effectiveness, RogueKiller is noteworthy even in its free version (but it is in English).
  2. Disable all browser extensions without exception, even the ones you need and are sure are "good". If the problem disappears, enable them one by one until you identify the extension that triggers the infected computer notification. Note that malicious extensions can be listed as "AdBlock," "Google Docs," and the like, simply masquerading under those names.
  3. Check the tasks in the task scheduler that may be causing your browser to spontaneously open with ads and reinstall malicious and unwanted items. Read more about this: The browser with ads opens by itself, what to do?
  4. Check your browser shortcuts.
  5. In the case of Google Chrome, you can also use the built-in malware cleaner.
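
A read-only way to carry out the scheduled-task and shortcut checks from steps 3 and 4, plus a look at the hosts file that AdwCleaner can restore, as an added PowerShell example that is not part of the original article. The browser executable list, the folders searched and the URL pattern are assumptions of this example; every hit is an item to review, not proof of infection.

```powershell
# Read-only audit for steps 3 and 4 plus the hosts file: prints findings, changes nothing.
# Assumption of this example: the browser list below (browser.exe is Yandex Browser).
$browsers = 'chrome.exe', 'firefox.exe', 'opera.exe', 'browser.exe', 'msedge.exe', 'iexplore.exe'
$url = 'https?://\S+'

function Get-Leaf([string]$path) {
    # File name without quotes or directories, lower-cased for comparison.
    @(($path -replace '"', '') -split '[\\/]')[-1].ToLower()
}

# Step 3: scheduled tasks that launch a browser or hand a URL to any program.
foreach ($task in Get-ScheduledTask) {
    foreach ($a in $task.Actions) {
        if (-not $a.Execute) { continue }   # skip actions that do not start a program
        $cmd = "$($a.Execute) $($a.Arguments)"
        if ($browsers -contains (Get-Leaf $a.Execute) -or $cmd -match $url) {
            "[task] $($task.TaskPath)$($task.TaskName) -> $cmd"
        }
    }
}

# Step 4: browser shortcuts whose arguments carry a URL.
$shell = New-Object -ComObject WScript.Shell
$dirs = 'Desktop', 'CommonDesktopDirectory', 'StartMenu', 'CommonStartMenu' |
    ForEach-Object { [Environment]::GetFolderPath($_) }
# Quick Launch also contains the items pinned to the taskbar.
$dirs += Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch'
Get-ChildItem -Path $dirs -Filter *.lnk -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    if ($browsers -contains (Get-Leaf $lnk.TargetPath) -and $lnk.Arguments -match $url) {
        "[shortcut] $($_.FullName) -> $($lnk.TargetPath) $($lnk.Arguments)"
    }
}

# Hosts file: a default Windows hosts file holds only comments,
# so every active (non-comment) line is listed for review.
Get-Content (Join-Path $env:SystemRoot 'System32\drivers\etc\hosts') |
    ForEach-Object { ($_ -replace '#.*$', '').Trim() } |
    Where-Object { $_ } |
    ForEach-Object { "[hosts] $_" }
```

Run it from an elevated PowerShell window so that tasks created for other accounts are listed as well.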

In most cases, these relatively simple steps are enough to fix the problem. Only if they do not help does it make sense to download full anti-virus scanners such as Kaspersky Virus Removal Tool or Dr.Web CureIt.

To conclude, one important nuance: if on any website (we are not talking about Yandex and its official pages) you see a message that your computer is infected, that N viruses have been found and that you need to disinfect them immediately, be skeptical of such messages from the start. It is not common lately, but this used to be a way viruses spread: a user rushed to click the notification and download the so-called "Antivirus", but actually downloaded malware onto his own computer.